Jobs

Scholarships

Courses

Companies

Placements

Community

Home >

Jobs >

Sr. Security Engineer, Product Security

Karnataka, India (On-site)

Sr. Security Engineer, Product Security

1 Month ago • 8 Years + • Cyber Security

About the job

8 skills required for this role

Test your skills to join the top 1% applicants for this job

java

cpp

ci-cd

ldap

oauth

software-development-lifecycle-sdlc

innovation

Job Description

The Sr. Security Engineer, Product Security will provide technical leadership to a team securing Xerox's digital platforms. Responsibilities include assessing applications for vulnerabilities, implementing secure SDLC processes, performing secure code reviews, developing security automation tools, defining security requirements, conducting security training, reporting on security metrics, researching industry trends, and acting as a security evangelist. This role requires strong application security expertise and collaboration skills.

Must have:

Assess applications for vulnerabilities
Implement secure SDLC processes
Secure code reviews/static analysis
Develop security automation tools
Threat modelling, security design reviews
Security training for development teams
Report on product security metrics
8+ years cybersecurity experience, 5+ in product security

Good to have:

Java, .Net, C#, C, C++ experience
Prior software development experience

Not hearing back from companies?

Unlock the secrets to a successful job application and accelerate your journey to your next opportunity.

About the job

About Xerox Holdings Corporation

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we’ve expanded into software and services to sustainably power today’s workforce. From the office to industrial environments, our differentiated business solutions and financial services are designed to make every day work better for clients — no matter where that work is being done. Today, Xerox scientists and engineers are continuing our legacy of innovation with disruptive technologies in digital transformation, augmented reality, robotic process automation, additive manufacturing, Industrial Internet of Things and cleantech. Learn more at www.xerox.com and explore our commitment to diversity and inclusion.

Summary:

This position is part of the Xerox Cyber Security team that is responsible for driving security of Xerox digital platforms. The qualified candidate will provide technical leadership to a multidisciplinary product security team that is responsible for securing enterprise systems, applications, and products across a broad spectrum of technologies. The candidate must demonstrate a passion for application security and lead by example that fosters continued growth and technical expertise within the team.

Responsibilities include, but are not limited to:

Assess applications and products for security vulnerabilities and design flaws

Implement secure SDLC processes through effective collaboration

Manual and Automated Secure Code Review

Development of security automation tools

Develop and maintain secure coding practices and security engineering standards for the development team

Perform threat modelling, security design reviews of application or products and define security requirements as part of SDLC process

Security training for internal development teams

Track and report on product security metrics and communicate the security posture of products to stakeholders.

Research, analyze and report on security industry trends and products

Serve as a security evangelist for executive management and business stakeholders.

Knowledge and Skills Required:

Strong understanding of common vulnerabilities, attack vectors and corresponding mitigation techniques

Experience in performing secure code reviews/reviewing results of static analysis tools

In-depth understanding of secure coding practices and secure development life cycle principles.

Good understanding of SSDLC as well as development and integration of tools used as part of CI/CD process

Have good understanding of authentication and authorization standards and protocols (SAML, Oauth, LDAP etc.)

Strong exposure to popular application security standards including OWASP TOP 10, SANS TOP 25 etc.

Proficiency with at least one of the following programming languages desired: Java, .Net, C#, C, C++

Prior software development experience is a plus.

Strong interpersonal skills as well as excellent written and verbal communication skills

Uncompromising personal and professional integrity and ethics

Education and Experience Required:

B.S in computer science, information systems, engineering or related field.

Advanced degree preferred, i.e. MBA or MS

Over 8 years of experience in cybersecurity, with at least 5 years in product security

One or more Industry-standard security certifications (such as OSCP, OSWE, CWEE, OSED)

View Full Job Description

Upload your resume, increase your shortlisting chances by 80%

About The Company

Xerox

2 Active Jobs